On Fri, 28 Sep 2007, Steve Langasek wrote:
> Ok, but nss has no per-service configuration files, so how do you intend to
> make NSS select a different password file in different contexts?
Yes, that's a problem: PAM allows different contexts but nss doesn't.
But I don't think this extension should solve that ;-).
> Or is the intent to make all password operations on the system use the
> same alternate location that will be hard-coded in the NSS module? (In
> that case, I'm not sure there's much point to making it configurable in
> pam_unix if it has to be hard-coded in nss_files.)
The NSS module could check a hardcoded configuration file, which
would simply list all of the alternate locations. It does not mean of
course different context but it is the best one could achieve as far as
I see.
As a matter of fact, the NSS prototype I wrote checks a hardcoded filename
as a symbolic link pointing to the single alternate location it supports.
Best regards,
Jozsef
-
E-mail : kadlec blackhole kfki hu, kadlec sunserv kfki hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : KFKI Research Institute for Particle and Nuclear Physics
H-1525 Budapest 114, POB. 49, Hungary